[Hipsec] Parameter space design (was: Updating parameter type values for VIA and BONE drafts)
Tobias Heer <heer@cs.rwth-aachen.de> Wed, 14 July 2010 14:32 UTC
Return-Path: <heer@informatik.rwth-aachen.de>
X-Original-To: hipsec@core3.amsl.com
Delivered-To: hipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 28B213A6B6C for <hipsec@core3.amsl.com>; Wed, 14 Jul 2010 07:32:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.151
X-Spam-Level:
X-Spam-Status: No, score=-4.151 tagged_above=-999 required=5 tests=[AWL=0.650, BAYES_00=-2.599, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BB9v3Qzp2Or0 for <hipsec@core3.amsl.com>; Wed, 14 Jul 2010 07:32:20 -0700 (PDT)
Received: from mta-1.ms.rz.rwth-aachen.de (mta-1.ms.rz.RWTH-Aachen.DE [134.130.7.72]) by core3.amsl.com (Postfix) with ESMTP id C86FB3A6B95 for <hipsec@ietf.org>; Wed, 14 Jul 2010 07:24:33 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7bit
Content-type: text/plain; charset="us-ascii"
Received: from ironport-out-1.rz.rwth-aachen.de ([134.130.5.40]) by mta-1.ms.rz.RWTH-Aachen.de (Sun Java(tm) System Messaging Server 6.3-7.04 (built Sep 26 2008)) with ESMTP id <0L5J001NUXD6XDH0@mta-1.ms.rz.RWTH-Aachen.de> for hipsec@ietf.org; Wed, 14 Jul 2010 16:24:42 +0200 (CEST)
X-IronPort-AV: E=Sophos;i="4.55,202,1278280800"; d="scan'208";a="65208082"
Received: from relay-auth-2.ms.rz.rwth-aachen.de (HELO relay-auth-2) ([134.130.7.79]) by ironport-in-1.rz.rwth-aachen.de with ESMTP; Wed, 14 Jul 2010 16:24:38 +0200
Received: from [137.226.12.157] ([unknown] [137.226.12.157]) by relay-auth-2.ms.rz.rwth-aachen.de (Sun Java(tm) System Messaging Server 7.0-3.01 64bit (built Dec 9 2008)) with ESMTPA id <0L5J00GJDXD23K30@relay-auth-2.ms.rz.rwth-aachen.de> for hipsec@ietf.org; Wed, 14 Jul 2010 16:24:38 +0200 (CEST)
From: Tobias Heer <heer@cs.rwth-aachen.de>
In-reply-to: <4C3D8FFF.9020005@nomadiclab.com>
Date: Wed, 14 Jul 2010 16:24:50 +0200
Message-id: <BCB923B0-5F22-472C-940F-4D8EFD134C3F@cs.rwth-aachen.de>
References: <4C3C7661.4000408@nomadiclab.com> <3C59C310-9904-418D-AE52-F1E9891D89C8@cs.rwth-aachen.de> <4C3D8FFF.9020005@nomadiclab.com>
To: Ari Keranen <ari.keranen@nomadiclab.com>
X-Mailer: Apple Mail (2.1081)
Cc: HIP WG <hipsec@ietf.org>
Subject: [Hipsec] Parameter space design (was: Updating parameter type values for VIA and BONE drafts)
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Jul 2010 14:32:24 -0000
Hello Ari, Am 14.07.2010 um 12:22 schrieb Ari Keranen: > Hi Tobias, > > On 07/14/2010 01:03 PM, Tobias Heer wrote: >> Hello Ari, >> Am 13.07.2010 um 16:21 schrieb Ari Keranen: >>> Hi all, >>> As discussed in the other thread, instead of adding new parameters >>> to the 0-1023 range, we should rather use higher ranges for >>> "non-essential" type of extensions. Currently the text in RFC5201 >>> about the ranges says: >>> Parameters numbered between 0-1023 are used in HIP handshake and >>> update procedures and are covered by signatures. Parameters >>> numbered between 1024-2047 are reserved. Parameters numbered >>> between 2048-4095 are used for parameters related to HIP transform >>> types. Parameters numbered between 4096 and (2^16 - 2^12) 61439 >>> are reserved. >>> The VIA and BONE extensions are not actually "handshake and update >>> procedures", or "essential stuff", but we originally put the signed >>> parameters OVERLAY_ID [1] and ROUTE_DST [2] there since the other >>> possible ranges, according to the text above, were "reserved". >>> However, better approach would be to use a higher range for this >>> kind of extensions. For example, 4096-16383. Latest version of >>> HICCUPS [3] already uses that range and we were planning to move >>> the OVERLAY_ID and ROUTE_DST parameters there too (values 4592 and >>> 4600, respectively), unless someone objects. >> I agree that the current assignments are way to coarse grained. >> However, I am not really convinced that putting all extensions into >> one big bucket is the solution we want. Right now we have a grouping >> based on functionality and security requirements (signed/unsigned, >> BEX, other stuff). I like that approach (and would like it even >> better if it was a bit more fine grained) because it allows >> implementors to classify parameters easily. Putting every extension >> into the same range would mean that you can only distinguish between >> extension and non-extension. I would rather try to come up with a >> sensible allocation based on functions (although I don't have one at >> hand right now). > > Actually, I did not mean to change the current "signed/unsigned, BEX, other stuff" grouping but rather add more semantics to the "other stuff" parts (signed and unsigned). > We are absolutely on the same page here. Using the current state as reference you are right. Using a more fine grained approach, which we might have in the near future, large buckets make no sense. Since we don't have that shiny new approach you are right to propose to take this and that number. I just wonder if we can't come up with something better. > Anyhow, I guess we agree that the 0-1023 is not the best range for these new parameters. Absolutely. > I think the 4096+ range is good since that will leave us some space between the "BEX range" and the "new range" if need for a more "BEXy" range shows up later. Considering a possible redesign of the parameter space, I think it is a bit early to decide that. > Right now that range is listed by IANA as "first come first served" so we don't need any real process for this, but I'm just asking if anyone thinks this is a bad idea. > >> Maybe this could be one agenda item for the 5201-bis document >> crafting session? > > That would make sense. > Can we agree to come up with a "good" parameter space segmentation during the next IETF and take further steps then? Otherwise, we can also collect suggestions for a parameter space redesign here on the list. However, it would be nice to always have the big picture in mind and not discuss about subspaces in isolation. Right now it the complete parameter space looks like: 0 - 1023 Handshake 1024 - 2047 Reserved 2048 - 4095 Signed if signature is present 4096 - 61439 Reserved 61440 - 62463 Signatures and signed MACs 62464 - 63487 Parameters that are not signed 63488 - 64511 Rendezvous and relaying 64512 - 65535 Reserved Any suggestions for new groups based on the parameter use? BR, Tobias > > Cheers, > Ari > >>> [1] http://tools.ietf.org/html/draft-ietf-hip-bone-07#section-6.1 [2] http://tools.ietf.org/html/draft-ietf-hip-via-03#section-4.1 [3] >>> http://tools.ietf.org/html/draft-ietf-hip-hiccups-05#section-4.1 > -- Dipl.-Inform. Tobias Heer, Ph.D. Student Distributed Systems Group RWTH Aachen University, Germany tel: +49 241 80 207 76 web: http://ds.cs.rwth-aachen.de/members/heer blog: http://dtobi.wordpress.com/ card: http://card.ly/dtobi
- [Hipsec] Updating parameter type values for VIA a… Ari Keranen
- Re: [Hipsec] Updating parameter type values for V… Tobias Heer
- Re: [Hipsec] Updating parameter type values for V… Ari Keranen
- Re: [Hipsec] Updating parameter type values for V… Robert Moskowitz
- [Hipsec] DEX parameters and parameter usage (was:… Tobias Heer
- [Hipsec] Parameter space design (was: Updating pa… Tobias Heer
- Re: [Hipsec] DEX parameters and parameter usage Robert Moskowitz
- Re: [Hipsec] Parameter space design Ari Keranen